How to become a contributor to manjaro repositories?

I am creating a custom Manjaro Gnome and I have created a repository where I want to add many AUR packages https://www.tromjaro.com/repository/TROMrepo/x86_64/ - but I was wondering wouldn’t it be a better idea to focus my energy to Manjaro itself and help with migrating AUR packages to the Manjaro repositories? The AUR packages that I am adding to my own repositories are AUR packages that I test for several good days to see if there are bugs and if they work ok.

I might ask for something that I do not understand - maybe there is a lot of testing from Manjaro’s part before adding an AUR to repos, but I am curious if there is a possibility or what you recommend.

5 Likes

I would also be available, but I’m sure Manjaro Team knows that already :wink:

4 Likes

Yup, already recommended there but I thought to not put all work on the backs of Manjaro’s dev - maybe I can help out since I am already building my own repo for a custom Manjaro

Can you build custom manjaro with your own repo enabled by default? That way manjaro devs don’t have to maintain it?

That’s exactly what I’m doing, but I thought if I am already doing this, wouldn’t it be better for the Manjaro community if the packages I add to my repo I add to Manjaro’s repos? This way people can find more packages in Manjaro’s repos

I see what you are saying, and I agree! More packages = more fun you know! But manjaro devs also work their bottoms off to keep manjaro amazing, so make sure to thank them and be patient.

You may have already seen this. How to create your own Manjaro spin with manjaro-tools Hope it will give some pointer to you. Adding AUR packages to Manjaro repo by many people (users) other than dev may not be good idea as there are chances of misusing the tools by someone later and may break entire system. I feel that it is good to recommend the required ones and dev could add it. Ofcourse, the people like you could join the dev team (i do not know if it is possible) and reduce the burden.

Yep, that was my motivation too, and the fact that I do not have a personal online repo anymore; everything’s local at the moment… virtualbox-i3 and signal-git among others.

However if you can convince Manjaro of the necessity of a package, they will normally add it to the repos if it doesn’t require too much maintenance.

EDIT: @tiotrom, if I see this correctly, your packages are not signed. If you want to contribute you are going to need a key to sign your packages.
Create a key pair with gpg, upload it to a keyserver, and add the key to /etc/makepkg.conf.

Yup I already made a Manjaro spin for our project and we will publish soon, that’s why I created a custom repo for it and I thought why maintain a separate custom repo if I could help the Manjaro team directly.

Yes indeed I understand that. If the Manjaro dev see this thread and may want my help, I am here to learn and try to help.

Sure, I already did that and I will continue to do, but as they said unless this package is super unique and/or a Manjaro dev is using it himself, then are little chances for the package to be added.

Yes indeed this was the next thing to look into! Is there any wiki that could help me guide?

IIRC there was a kind of rule (or convention) about adding packages to Manjaro repositories: a package will be added if it is required for official or community edition iso. Then the maintainer of that edition is responsible for that particular package. All other packages may well be installed from AUR. Something like that. I think maintainers know more about that.

3 Likes

You can either use a GUI like Enigmail (add-on for Thunderbird), Kleopatra etc., or simply use the command line.

Here is a very basic example:

gpg --full-generate-key
gpg --send-keys <key-id>
sudo pacman-key -r <key-id>
sudo pacman-key --lsign-key <key-id>

Then insert the key ID into /etc/makepkg.conf, option GPGKEY.
You then just have to build your packages with makepkg --sign or buildpkg -s.

Maybe I forgot something there, but it should give you an idea of how it works.
If you don’t want to upload the key to a key server, you can export it with gpg --export --armor and import it with gpg --import and/or pacman-key -a.

1 Like

How important is to have the packages signed? :smiley: - like realistically is this a must? Asking because it seems difficult for me to do it and I was wondering is it a must? And what are the realistic dangers? Thanks

If you want to have any hope of ever getting your packages into the official repo, this is absolutely a must!
For your own custom repo, it’s up to you, but most people won’t use it, if the packages are not signed, since they could easily be comprimised and they have no way of telling that the packages are actually from you.

3 Likes

I m on Smartphone so no easy to find the tread where are collect all Users repository made by manjaro users… Add your repository in this tread ( if already done sorry) and Continue to update your packages and help Users if your packages Don t works or if need help… Then if a package is interesting we can adopt but only if improve manjaro include it :wink:… Decision to become a manjaro packager is a internal decision with all of our team :grinning:

1 Like

No, it’s very easy to do, it takes 2 minutes :wink:
See the instructions I posted above.

1 Like